CVE-2014-1966

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-1966
The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03 Permissions Required Third Party Advisory US Government Resource
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf Broken Link Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rs950g:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*
History

01 Feb 2022, 16:53

Type Values Removed Values Added
CPE cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.2.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.8.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.4.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.7.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.9.3:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.3.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12.1:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12.2:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.6.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.12:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.5.4:*:*:*:*:*:*:*		 cpe:2.3:h:siemens:ruggedcom_rs950g:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*
CWE CWE-399 NVD-CWE-noinfo
References (MISC) http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03 - US Government Resource (MISC) http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03 - Permissions Required, Third Party Advisory, US Government Resource
References (CONFIRM) http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf - Vendor Advisory (CONFIRM) http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf - Broken Link, Vendor Advisory
First Time Siemens ruggedcom Rs950g
Siemens ruggedcom Rsg2488
Information

Published : 2014-02-24 04:48

Updated : 2023-12-10 11:31

NVD link : CVE-2014-1966

Mitre link : CVE-2014-1966

CVE.ORG link : CVE-2014-1966

JSON object : View

Products Affected

siemens

  • ruggedcom_rsg2488
  • ruggedcom_rugged_operating_system
  • ruggedcom_rs950g
CWE
NVD-CWE-noinfo